I have an email alert set when malware is detected and not handled, but the machine name does not appear. Is there a way to get that in the email? I don't see how to add that into the filter.
You should first check if the machine name appears in the associated database event (run a query for the same).
If it is not in the event sent to ePO there is no chance for it to be in the email alert.
The logical conclusion is perhaps that the local machine which generated the detection did not include the machine name in the data sent to ePO from the point product, as ePO does not modify this information, merely records it.
So it is also worth checking the local machine scan log to see if that data was recorded.
Hi dtsteinb, if you want to add the system name to the email which you received:
Edit that mail response, and in the Action tab select the place where you want to add the system name, and after that select Source Host name from the drop-down box. Insert it into the mail.